ГлавнаяУязвимости → CVE-2025-55998
8.1высокая

CVE-2025-55998

Описание

A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify and BigCommerce apps allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into several filter parameter

Затрагиваемое ПО
Mezereon Smart search and filter
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Источники
https://github.com/Ocmenog/CVE-2025-55998https://www.mezereon.com/shopify/#intro